The checklist below is to serve as a guide as what is expected of a user and their computers before connecting to any Fermilab operated network.
Have you read the Fermilab Policy on Computing? Fermilab Policy on Computing
Are you familiar with the Fermilab Privacy Notice? http://www.fnal.gov/pub/disclaim.html
OS patched with all the latest patches - Windows Update - RedHat Network - Apple Security Downloads - Linux YUM
Unneeded services disabled (Web Server/FTP/SSH/Telnet/SQL/others) - netstat -an - Windows Services - /etc/inetd.conf - /etc/xinetd.d/ - /etc/init.d/
Are all of your ac counts protected by distinct strong secure passwords that are not written down or shared with others? http://computing.fnal.gov/docs/strongauth/princ_pw.html#45589
Required inbound service s only accept Kerberos authentication
Login banner displayed either electronically or via a sticker on the component System Logon Banners
Do you know exactly who is responsible for system administration of the machine on your desktop, an d in particular for installing new security patches and maintaining a secure configuration? (This could be yourself.) Has that local system administrator (perhaps yourself) registered your machine and his/her identity in the lab's computing equipment database (so that he/she can b e quickly notified of urgent computer security issues concerning your machine)? http://appora.fnal.gov/pls/default/node_registration.html
When your desktop machin e is left on in an unsecured area (such as an unlocked office) is it protecte d with a password-based screen saver (and physically secured as well)?
Do you know how to repo rt a suspected computer security incident? http://security.fnal.gov/reporting.html
Virus protection softwar e running with up to date virus signatures (Windows PC's)
Do you exercise extreme care in dealing with email, in particular almost never opening attachments un less you are absolutely certain of their origin? http://security.fnal.gov/UserGuide/mail_att.htm
Do you exercise extreme care in browsing the web, in particular using safer and patched browsers , turning off ActiveX, and being cautious in clicking on new links?
